{"id":5475,"date":"2020-05-15T00:46:09","date_gmt":"2020-05-15T00:46:09","guid":{"rendered":"https:\/\/www.geekdecoder.com\/?p=5475"},"modified":"2020-05-15T00:46:09","modified_gmt":"2020-05-15T00:46:09","slug":"ssh-key-that-uses-ed25519-algorithm","status":"publish","type":"post","link":"https:\/\/www.qbytes.cloud\/index.php\/2020\/05\/15\/ssh-key-that-uses-ed25519-algorithm\/","title":{"rendered":"SSH key that uses Ed25519 algorithm"},"content":{"rendered":"

To test, you will need a client and test server. The client server is where we generate the keys.<\/p>\n

When we generate keys, there will be a private key and a public key.<\/p>\n

Then we copy the public key to the test server. When we ssh to the test server, the private key we have on the client server matches the public key that we copied to the test server.<\/p>\n

To generate a new pair of SSH keys that uses Ed25519 algorithm on the client server, run:<\/p>\n

# ssh-keygen -o -a 100 -t ed25519 -f ~\/.ssh\/id_ed25519 -C "somename"\nGenerating public\/private ed25519 key pair.\nCreated directory '\/root\/.ssh'.\nEnter passphrase (empty for no passphrase):\nEnter same passphrase again:\nYour identification has been saved in \/root\/.ssh\/id_ed25519.\nYour public key has been saved in \/root\/.ssh\/id_ed25519.pub.\nThe key fingerprint is:\nSHA256:S5mglsGaa7byro5iFvC01VyFt+plsvrt5SLtTTzUHVU geekdecoder\nThe key's randomart image is:\n+--[ED25519 256]--+\n|         o.     E|\n|   .    o .     .|\n|    oo.. . .   . |\n|. .o.+o. o.  . ..|\n|.ooo+   S.  . . .|\n| .oo   .o.oo     |\n|  =    ..*  =    |\n|+= .    +.o= .   |\n|B*+   .o.++.o    |\n+----[SHA256]-----+\n\n<\/pre>\n
-f
\nSpecifies filename of the keyfile, used for specifying other than default name
\n-a
\nnumber of primality test while screening DH-GEX candidates
\n-t
\ntype of key (RSA, ED25519, DSA, etc)
\n-C
\nComment (not used in algorithm, only used in public key)
\n-o
\nopenSSH key format instead of older PEM (needs OpenSSH 6.5+)<\/p><\/blockquote>\n
If your account on the remote system doesn’t already contain a ~\/.ssh\/authorized_keys file, create one; on the command line, enter the following commands:<\/p>\n
\n# mkdir -p ~\/.ssh\n# touch ~\/.ssh\/authorized_keys\n\n<\/pre>\n
On Client, Copy Public SSH Key (id_ed25519.pub) to Remote Server
\nUsing the command “ssh-copy-id” is the preferred way. You will need to have ssh access to the server to copy the key.<\/p>\n
Here is the command:<\/p>\n
\n# ssh-copy-id -i ~\/.ssh\/id_ed25519.pub root@server1.server.com -p22\n<\/pre>\n
Now try logging into the machine, with:   <\/p>\n
\n"ssh -p '22' 'root@server1.server.com'"\n<\/pre>\n
Check to make sure that only the key(s) you wanted were added.<\/p>\n
Adding Your Key to SSH Agent<\/p>\n
You can find your newly generated private key at ~\/.ssh\/id_ed25519 and your public key at ~\/.ssh\/id_ed25519.pub. Always remember that your public key is the one that you copy to the target host for authentication.<\/p>\n
Before adding your new private key to the SSH agent, make sure that the SSH agent is running by executing the following command:<\/p>\n
\n# eval "$(ssh-agent -s)"\n<\/pre>\n
Then run the following command to add your newly generated Ed25519 key to SSH agent:<\/p>\n
\n#ssh-add ~\/.ssh\/id_ed25519\n<\/pre>\n
Or if you want to add all of the available keys under the default .ssh directory, simply run:<\/p>\n
\n# ssh-add\n<\/pre>\n
If you want to just login to the server with the hostname vs the full domain like:<\/p>\n
ssh “server1” vs “ssh -p ’22’ ‘root@server.com'”, then add a hostname entry to the client with the following:<\/p>\n
\n# nano \/etc\/hosts\nip.of.the.server  server1.server.com        server1\n<\/pre>\n
Now try the short ssh:<\/p>\n
\n# ssh server1\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
To test, you will need a client and test server. The client server is where we generate the keys. When we generate keys, there will be a private key and a public key. Then we copy the public key to the test server. When we ssh to the test server, the private key we have … Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[110],"tags":[],"class_list":["post-5475","post","type-post","status-publish","format-standard","hentry","category-ssh"],"_links":{"self":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts\/5475","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/comments?post=5475"}],"version-history":[{"count":0,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts\/5475\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/media?parent=5475"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/categories?post=5475"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/tags?post=5475"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}